All these social engineering attacks have been extensively used in recent years, and sometimes they are integrated with other types of cyberattacks, so they are becoming one of the main attack vectors for the propagation of malicious programs.

There are many real-life examples that show the effectiveness of these attacks. The following is a list of the most successful social engineering attacks over the last few years:

• RSA SecurID Breach, 2011, attack technique—spear phishing , refer to point 11 under the References section. 
• Associated Press Twitter hijack, 2013, attack technique—spear phishing, account takeover , refer to point 11 under the References section. 
• Carbanak APT-style campaign targeting (but not limited to) financial institutions, 2014, attack technique—scam, spear phishing, malware , refer to point 12 under the References section. 
• New York Times, 2013, attack technique—spear phishing, data breach , refer to point 13 under the References section. 
• Operation Red October, 2013, attack technique—spear phishing, malware, data breach , refer to point 14 under the References section. 

• Hidden Lynx on Bit9, 2013, attack technique—waterholing , refer to point 15 under the References section. 
• Target Credit Card Breach, 2013, attack technique—phishing, smishing/texting, phone calls , refer to point 15  under the References section. 
• Ubiquiti Networks Inc. email spoofing fraud, 2015, attack technique—spear phishing , refer to point 16 under the References section. 
• Department of Labor website used to launch a cyberattack, 2013, attack technique—waterholing attack , refer to point 17 under the References section. 
• Yahoo!, more than 3 billion customer accounts compromised, 2013, attack technique—phishing, data breach, fraud , refer to point 18 under the References section. 
• Apple, Facebook, Twitter and Microsoft, stealing confidential information, 2013, attack technique—waterholing , refer to point 19 under the References section. 
• 10k US Government employees spearphished with malware-laced posts, 2017, attack technique—spear phishing/malware, fraudulent accounts, refer to point 20 under the References section. 
• Twitter, 3rd-party app leads to hundreds of high-profile account compromises, 2017, attack technique—account takeover , refer to point 20 under the References section. 
• LinkedIn hacked, exposing 117 million credentials, 2012-2016, attack technique: data breach, account takeover , refer to point 20 under the References section. 
• Enigma's Slack and website hacked, a half million in Ether coins stolen, 2017, attack technique—fraud and scams, impersonation, account takeover , refer to point 20 under the References section. 
• Vevo Hacked through targeted LinkedIn phishing attack, 3.12TB exfiltrated, 2017, attack technique—spear phishing, malware , refer to point 20 under the References section.